Microsoft ODBC bug

Tue Jul 2 18:21:06 CEST 2019

On 02/07/2019 16:10, Alan DeKok wrote:
> On Jul 2, 2019, at 12:18 PM, Dom Latter <freeradius-users at latter.org>
> wrote:
>> 
>> And again, with PHP, "SELECT 123456789" works fine but a large 
>> number gets an error from the ODBC driver.
>> <snip>
> 
> That's all well and good, but what should *we* be doing differently?

Well, if I knew that...

> We're not Microsoft experts, or experts in ODBC.  The ODBC layer was
> contributed by someone years ago, and we've maintained it since then.
> It mostly works, but new features require people who can delve into
> it and fix things.

And that is what I am trying to do.  I am looking at the following
in rlm_sql_unixodbc.c

/* Executing query */
{
	SQLCHAR *odbc_query;

	memcpy(&odbc_query, &query, sizeof(odbc_query));
	err_handle = SQLExecDirect(conn->stmt, odbc_query, strlen(query));
}

Is that a safe memcpy?  It's a long time since I programmed in C...

In any case probably not relevant to my immediate problem.